首页 >> 网络安全 >>网络周态 >> 每日安全动态推送(11-25)
详细内容

每日安全动态推送(11-25)

时间:2020-11-25     作者:腾讯玄武实验室   阅读

Tencent Security Xuanwu Lab Daily News


• Detailing SaltStack Salt Command Injection Vulnerabilities:
https://www.thezdi.com/blog/2020/11/24/detailing-saltstack-salt-command-injection-vulnerabilities

   ・ ZDI 对近期 SaltStack 被发现的几个命令注入漏洞的分析 – Jett


• Awesome Cybersecurity Blue Team:
https://github.com/fabacab/awesome-cybersecurity-blueteam

   ・ 蓝队最好的学习资源项目。 – lanying37


• MMU Virtualization Via Intel EPT: Technical Details:
https://revers.engineering/mmu-ept-technical-details/

   ・ 通过Intel EPT进行MMU虚拟化:技术细节探讨。  – lanying37


• Exploiting a “Simple” Vulnerability – In 35 Easy Steps or Less!:
https://windows-internals.com/exploiting-a-simple-vulnerability-in-35-easy-steps-or-less/

   ・ Windows 内核 EtwpNotifyGuid 任意地址加 1 漏洞的利用过程分析 – Jett


• GEF extension to handle tagged and compressed pointers in v8 better (WIP):
https://gist.github.com/lordidiot/1580ddc3474d8f017f2f7972a69727d2

   ・ 用于调试时辅助处理 V8 引擎 Tagged Pointer 的 GEF 扩展 – Jett


• A Fresh Outlook on Mail Based Persistence:
https://www.mdsec.co.uk/2020/11/a-fresh-outlook-on-mail-based-persistence/

   ・ A Fresh Outlook on Mail Based Persistence – Jett


• Smart (and simple) ways to prevent symlink attacks in Go:
https://blog.trailofbits.com/2020/11/24/smart-and-simple-ways-to-prevent-symlink-attacks-in-go/

   ・ Smart (and simple) ways to prevent symlink attacks in Go – Jett


• [Android] Enter WAPDropper – An Android Malware Subscribing Victims To Premium Services By Telecom Companies - Check Point Research:
https://research.checkpoint.com/2020/enter-wapdropper-subscribe-users-to-premium-services-by-telecom-companies/

   ・ Checkpoint 对 Android 平台吸费恶意软件 WAPDropper 的分析 – Jett


• TA416 APT Rebounds With New PlugX Malware Variant:
https://threatpost.com/ta416-apt-plugx-malware-variant/161505/

   ・ 研究人员发现TA416 APT使用由Golang编写的PlugX恶意软件加载程序,并对非洲外交组织进行的组织鱼叉式网络钓鱼攻击威胁。 – lanying37


• The .NET Export Portal - XPN InfoSec Blog:
https://blog.xpnsec.com/the-net-export-portal/

   ・ The .NET Export Portal – Jett


• 物联网安全系列之探索IoT通信安全的研究之道:
https://security.tencent.com/index.php/blog/msg/171

   ・ 物联网安全系列之探索IoT通信安全的研究之道 – Jett
技术支持: 建站ABC | 管理登录